[Png-mng-security] vulnerability in png_decompress_chunk()

Glenn Randers-Pehrson glennrp at gmail.com
Fri Jan 29 21:28:29 UTC 2010


On Fri, Jan 29, 2010 at 4:21 PM, Bob Friesenhahn <bfriesen at simple.dallas.tx.us> wrote:

> On Fri, 29 Jan 2010, Glenn Randers-Pehrson wrote:
>
>>
>> It has been said that even just *adding* a new exported function breaks
>> ABI compatibility, but I'm not sure that I really believe that.
>>
>
> It certainly can.  For example, Cygwin only knows the major version
> ('current') of the library and it is embedded in the library name.  If the
> library name was not changed, then it would probably work.
>

Right, but the question is "does adding a new exported function break ABI
compatibility in e.g., Cygwin?"

1.4.1 is supposed to be ABI compatible with 1.4.0.  If it is not, then we
have to go to 1.5.0 and libpng15.so.

One approach I explored in Firefox was to use a memory limit equal
to the zbuf_size times the cache_limit, both of which can be set by
function calls in libpng-1.4.0.

Changing the internal algorithm of png_compress_chunk() doesn't
break anything.

Glenn